forked from prowler-cloud/prowler
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathprowler-additions-policy.json
113 lines (113 loc) · 4.1 KB
/
prowler-additions-policy.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"access-analyzer:List*",
"apigateway:get*",
"apigatewayv2:get*",
"aws-marketplace:viewsubscriptions",
"batch:listjobs",
"clouddirectory:listappliedschemaarns",
"clouddirectory:listdevelopmentschemaarns",
"clouddirectory:listpublishedschemaarns",
"cloudformation:list*",
"cloudhsm:listavailablezones",
"cloudsearch:list*",
"cloudwatch:get*",
"cloudwatch:list*",
"codebuild:listbuilds*",
"codestar:verify*",
"cognito-identity:listidentities",
"cognito-idp:list*",
"cognito-sync:listdatasets",
"connect:list*",
"datapipeline:getaccountlimits",
"dax:describeclusters",
"dax:describedefaultparameters",
"dax:describeevents",
"dax:describeparametergroups",
"dax:describeparameters",
"dax:describesubnetgroups",
"dax:describetable",
"dax:listtables",
"devicefarm:list*",
"discovery:list*",
"dms:list*",
"ds:ListAuthorizedApplications",
"ds:DescribeRoles",
"dynamodb:describebackup",
"dynamodb:describeglobaltablesettings",
"dynamodb:describelimits",
"dynamodb:describereservedcapacity",
"dynamodb:describereservedcapacityofferings",
"dynamodb:describestream",
"dynamodb:listtagsofresource",
"ec2:get*",
"ecr:describe*",
"ecr:listimages",
"elasticbeanstalk:listavailablesolutionstacks",
"elasticmapreduce:list*",
"elastictranscoder:list*",
"gamelift:list*",
"glacier:list*",
"importexport:listjobs",
"lambda:GetAccountSettings",
"lambda:GetFunctionConfiguration",
"lambda:GetLayerVersionPolicy",
"lambda:GetPolicy",
"lambda:List*",
"lex:getbotaliases",
"lex:getbotchannelassociations",
"lex:getbots",
"lex:getbotversions",
"lex:getintents",
"lex:getintentversions",
"lex:getslottypes",
"lex:getslottypeversions",
"lex:getutterancesview",
"lightsail:getblueprints",
"lightsail:getbundles",
"lightsail:getinstancesnapshots",
"lightsail:getkeypair",
"lightsail:getregions",
"lightsail:getstaticips",
"lightsail:isvpcpeered",
"machinelearning:describe*",
"mobilehub:listavailablefeatures",
"mobilehub:listavailableregions",
"mobilehub:listprojects",
"mobiletargeting:getapplicationsettings",
"mobiletargeting:getcampaigns",
"mobiletargeting:getimportjobs",
"mobiletargeting:getsegments",
"opsworks-cm:describe*",
"opsworks:describe*",
"polly:describe*",
"polly:list*",
"redshift:viewqueriesinconsole",
"route53domains:list*",
"s3:listbucket",
"sdb:list*",
"secretsmanager:listsecretversionids",
"servicecatalog:list*",
"ses:list*",
"sns:list*",
"sqs:listqueuetags",
"ssm:listassociations",
"states:listactivities",
"support:describe*",
"swf:list*",
"tag:gettagkeys",
"trustedadvisor:describe*",
"waf-regional:list*",
"waf:list*",
"workdocs:describeavailabledirectories",
"workdocs:describeinstances",
"workmail:describe*"
],
"Effect": "Allow",
"Resource": "*"
}
]
}